
The Spectre of a Security Meltdown

Computer users around the world woke up to 2018 with news that, once again, they face serious new threats to their systems’ security. This time the dangers come from flaws in CPUs manufactured by all the major producers including Intel and AMD.

With terrifying names like Meltdown and Spectre, these vulnerabilities are possibly the most widespread IT security threat that the world has faced. This is because almost all computing devices are affected. Intel and AMD between them manufacture almost all CPUs on the globe. And these CPUs are present in all manner of devices including PCs, servers and even smartphones, TVs and watches. It does not matter if you are using Windows, macOS (or even Linux), Android, or iOS; they are all susceptible.

HTG’s security specialists have been working with our hardware, software and security vendors to determine the best course of action to protect ourselves and our clients from these threats. However, because of the enormity of these vulnerabilities, many manufacturers are still collecting information and assessing the impact of implementing fixes.


One such consequence is the hit on performance, with some users reporting that Microsoft’s emergency patch is ‘bricking’ their devices. (For the less geeky, ‘bricking’ essentially means a device has turned into a brick. And like a brick, it will not power up or function like a computer device.)

There are also reports of compatibility issues with most antivirus tools, and some AMD users have found their computers to be unusable after applying the recommended patch.

At HTG, our security specialists have been hard at work gathering information and improving our understanding of the issues at hand.

As of this morning we are advising all computer users to take the following steps ASAP:

Implement updates to antivirus software to mitigate compatibility issues as soon as they are available.

Deploy relevant patch updates to all PCs, servers and firewalls as soon as they are released by the manufacturers.

It is important that this process is effected in the right order. Microsoft has required affected AV vendors to add a registry key to the start-up sequence certifying their software works with Microsoft’s patches.

The following is Microsoft’s statement:

“Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets [a Microsoft prescribed] registry key.”

It is important to know that the January Microsoft patches, and currently all future security patches, will not install unless antivirus vendors take action — and some don’t want to or feel they cannot.

Of the top 39 affected AV vendors, only 17 have confirmed they have complied, according to a running list maintained by security researcher Kevin Beaumont (see full list below which is current as of 12 noon 10 January).

If your AV is not marked with Y Y in the list above, then you will be unable to install your Microsoft update until your AV manufacturer has complied.

Clients who have subscribed to our HTG Make-IT-Easy (MIE) and HTG Make-IT-Safe (MIS) agreements do not have to concern themselves with any of this. This is because, as part of the plan, our security specialists have now effected the most up-to-date measures to ensure that your system is protected.

HTG will continue to work with our upstream vendors and monitor various global information sources to ensure that the protection we offer to our clients is the most prudent and up-to-date. We anticipate that the situation will remain fluid at least over the next few days and even weeks as vendors react to new information.

As important information comes to hand, we will immediately bring it to your attention.

If you are not an HTG MIS or MIE customer, or your IT support firm does not offer a similar service, please talk to us about how we can help by ringing 0800 484 4357, or me on 07 838 6061.

At HTG we are totally committed to ensuring that all our clients’ systems are protected all the time.

With an HTG plan, instead of being distracted by highly technical and potentially very costly risks, you can focus on your own core business while we make your IT easy as well as safe.


What to do if you are infected with Cryptolocker?

If you have never been bitten by a successful Cryptolocker infection you may not be aware of the cost and trauma of one.

Prevention is better than cure but if in spite of everything you still get infected it is important that you know what to do to minimize the damage.

How do you know you are infected?

For the majority of infections, a very formal looking ransomware window pops up when the malware has completed its job.

Once your files are encrypted, there is presently no hope of decrypting them unless you pay the hackers for the decryption key, or you restore from backup.

What to do:

Time is of the essence.

Therefore, as soon as you detect such an infection, immediately limit the impact of the encryption process by:

disconnecting your PC from the internet (pull out the network cable and turn off Wi-Fi).

ensuring that any backups you have are not connected in any way to any infected machines including your server. This is to prevent the infection from propagating to your uninfected backups.

contacting an IT Security Specialist with experience in Cryptolocker recovery to ensure that you have the best chance of complete recovery in the shortest time possible.

HTG has had a lot of experience and expertise in helping clients to proactively protect themselves against cybersecurity threats. We have a Ransomware SWAT Team that has assisted lots of businesses with quick and successful recovery.

Therefore, keep the following number handy in case you need help:

0800 484 4357

HOUSTON TECHNOLOGY GROUP

Alan Chew
MANAGING DIRECTOR
